CVE-2021-46104 Scanner

webp_server_go is an open-source software used for serving webp images efficiently over the internet. It is employed by developers and businesses managing image-heavy web applications to reduce image size and improve load times. The tool is known for its compatibility with various image conversion and serving capabilities, making it a preferred choice in environments where bandwidth and load optimization are critical. With its strong developer community, webp_server_go is continually updated to ensure it meets the latest performance and security standards. It is used by small to medium-sized enterprises and individual developers who wish to incorporate webp image serving features. The software also provides features that allow for easy integration with existing web servers.

Path Traversal is a critical vulnerability found in webp_server_go, allowing attackers to access unauthorized files and directories. This security gap arises due to inadequate sanitization checks in the file handling routine, leading to potential exploitation through specially crafted requests. Attackers can use this flaw to traverse directories and gain access to files that are otherwise restricted. It is a serious issue because it can expose sensitive server-side files, including passwords, configuration details, and more. The vulnerability does not require authentication, increasing the risk and potential damage it can cause. Immediate attention and remediation measures are necessary to prevent exploitation.

The vulnerability occurs due to insufficient input validation in the file handling functions of webp_server_go. By manipulating URL paths with encoded directory traversal sequences, malicious users can bypass normal access controls. A typical exploit involves sending a specifically crafted HTTP GET request with the path containing encoded traversal characters to gain access to files outside the intended directory. The vulnerable parameter is the request path, which should allow legitimate file access but fails when translating traversal symbols. This weakness is exacerbated if deployed on publicly accessible servers, where attackers can easily send these malicious requests.

Exploiting the Path Traversal vulnerability in webp_server_go can lead to unauthorized file disclosure, potentially leaking sensitive data such as authentication credentials and configuration files. If attackers access system files, it might lead to further exploitation like privilege escalation, making the whole server potentially compromised. The exposure of sensitive application files can disclose business logic and other proprietary information. Worst-case scenarios involve attackers taking control of the server or pivoting to other parts of the network. Customers' Personally Identifiable Information (PII) stored within accessible files also stand at risk, leading to privacy violations and legal issues.

REFERENCES

• https://github.com/webp-sh/webp_server_go/issues/92